cmd: avb: Support A/B slots

Add optional parameter to 'avb verify' sub-command, so that user is able to specify which slot to use, in case when user's partitions are slotted. If that parameter is omitted, the behavior of 'avb verify' will be the same as before, so user API is content. Signed-off-by: Sam Protsenko <[email protected]> Reviewed-by: Igor Opaniuk <[email protected]> Acked-by: Igor Opaniuk <[email protected]>
imaami · Oct 31, 2019 · 965ec3c · 965ec3c
1 parent bb43c27
commit 965ec3c
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 4 deletions.
diff --git a/cmd/avb.c b/cmd/avb.c
@@ -232,6 +232,7 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
 	AvbSlotVerifyData *out_data;
 	char *cmdline;
 	char *extra_args;
+	char *slot_suffix = "";
 
 	bool unlocked = false;
 	int res = CMD_RET_FAILURE;
@@ -241,9 +242,12 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
 		return CMD_RET_FAILURE;
 	}
 
-	if (argc != 1)
+	if (argc < 1 || argc > 2)
 		return CMD_RET_USAGE;
 
+	if (argc == 2)
+		slot_suffix = argv[1];
+
 	printf("## Android Verified Boot 2.0 version %s\n",
 	       avb_version_string());
 
@@ -256,7 +260,7 @@ int do_avb_verify_part(cmd_tbl_t *cmdtp, int flag,
 	slot_result =
 		avb_slot_verify(avb_ops,
 				requested_partitions,
-				"",
+				slot_suffix,
 				unlocked,
 				AVB_HASHTREE_ERROR_MODE_RESTART_AND_INVALIDATE,
 				&out_data);
@@ -416,7 +420,7 @@ static cmd_tbl_t cmd_avb[] = {
 	U_BOOT_CMD_MKENT(read_part, 5, 0, do_avb_read_part, "", ""),
 	U_BOOT_CMD_MKENT(read_part_hex, 4, 0, do_avb_read_part_hex, "", ""),
 	U_BOOT_CMD_MKENT(write_part, 5, 0, do_avb_write_part, "", ""),
-	U_BOOT_CMD_MKENT(verify, 1, 0, do_avb_verify_part, "", ""),
+	U_BOOT_CMD_MKENT(verify, 2, 0, do_avb_verify_part, "", ""),
 #ifdef CONFIG_OPTEE_TA_AVB
 	U_BOOT_CMD_MKENT(read_pvalue, 3, 0, do_avb_read_pvalue, "", ""),
 	U_BOOT_CMD_MKENT(write_pvalue, 3, 0, do_avb_write_pvalue, "", ""),
@@ -459,6 +463,7 @@ U_BOOT_CMD(
 	"avb read_pvalue <name> <bytes> - read a persistent value <name>\n"
 	"avb write_pvalue <name> <value> - write a persistent value <name>\n"
 #endif
-	"avb verify - run verification process using hash data\n"
+	"avb verify [slot_suffix] - run verification process using hash data\n"
 	"    from vbmeta structure\n"
+	"    [slot_suffix] - _a, _b, etc (if vbmeta partition is slotted)\n"
 	);
diff --git a/doc/android/avb2.txt b/doc/android/avb2.txt
@@ -95,6 +95,10 @@ e.g.:
        mmc read ${loadaddr} ${boot_start} ${boot_size}; \
        bootm $loadaddr $loadaddr $fdtaddr;              \
 
+If partitions you want to verify are slotted (have A/B suffixes), then current
+slot suffix should be passed to 'avb verify' sub-command, e.g.:
+
+=> avb verify _a
 
 To switch on automatic generation of vbmeta partition in AOSP build, add these
 lines to device configuration mk file: